When you buy SyncShot, Paddle (our Merchant of Record) collects the information needed to process the transaction on our behalf — name, email, billing country, and payment method. Paddle is the data controller for the payment itself and is the entity named on your receipt; we receive only the fields we need to issue, verify, and cancel your subscription.

Your full card number is handled by Paddle's PCI-compliant infrastructure. SyncShot never sees, stores, or has access to it.

If you email support, we keep the contents of your message and any attachments you send long enough to help you and to improve SyncShot.

• Hardware UUID. Each Mac has a unique hardware identifier. We store it so a subscription can be bound to one Mac at a time.
• Subscription activation events. Timestamp, app version, and the success or failure of the check. Used to operate the subscription system and detect abuse.
• Server logs. Our API logs IP addresses and request timestamps for rate-limiting and fraud prevention. Logs are retained for 30 days and then deleted.
• Product analytics. From the website: pages you visit on syncshot.io, the referrer that brought you here, approximate location derived from your IP, device and browser type, and interaction events (clicks on download, buy, and key navigation links). From the Mac app: which features you use, how often you run sync jobs, error rates, and app version — enough to understand what works and what to improve, never the contents of the files you move. Processed by PostHog on our behalf — see “Who we share it with” below.

SyncShot never transmits the contents of your files, your file names, thumbnails, or folder structures to us. Copies happen directly on your Mac between the source you chose and the destinations you chose. We do not see, store, or analyse the photos, videos, or any other files you move with the app.

We also never see your destination credentials — Google Drive OAuth tokens, S3 access keys, SFTP passwords, NAS logins, and any other secrets you provide to connect a destination live only in your Mac's Keychain on your machine. They are not transmitted to our servers, included in analytics, or shared with any third party.

The Mac app does not include any advertising SDK or third-party behavioural tracker. Product analytics are scoped to feature usage and app health only.

• To operate the subscription system (activation, transfers, revocations, refund-triggered deactivations).
• To respond to support requests.
• To send you service emails (purchase receipts, sign-in codes, security notices) and, if you opted in, product updates.
• To prevent fraudulent purchases.
• To comply with tax and accounting requirements applicable to our sales.

We share personal data only with the service providers we rely on to run SyncShot. Each is bound by a data-processing agreement and uses the data only to deliver the service we commissioned.

• Paddle.com Market Limited — our Merchant of Record. Processes the purchase, refunds, and invoicing; handles any applicable VAT or sales tax. Paddle privacy policy.
• Resend — sends our transactional emails (purchase confirmation, sign-in codes, renewal reminders, and cancellation receipts). US-based; receives your email address and the contents of those messages only. Resend privacy policy.
• Our hosting provider — runs the subscription API and stores the subscription database. No file contents are ever stored.
• PostHog — product analytics for both the public website and the Mac app. From the website, receives page views, interaction events, your IP address (used to derive coarse location and then discarded), and a session identifier stored in a first-party cookie. From the app, receives feature-usage events, error reports, and app version — never the file paths, thumbnails, or contents you sync. PostHog privacy policy.

We do not sell your personal data. We do not share it with advertisers. We will disclose data only if required by applicable law or to defend against legal claims.

• Customer email addresses. Kept indefinitely. If you cancel, we keep your email so you can come back without losing your subscription history. Deleted within 30 days of a verified deletion request, unless retention is required for tax or accounting reasons.
• Activation records. Kept for the life of your subscription plus three years to satisfy accounting and audit obligations.
• Server logs. 30 days.
• Support conversations. Up to two years, then deleted.

Depending on where you live, you may have the right to access, correct, delete, export, or object to the processing of your personal data, and to withdraw consent at any time. To exercise any of these, email hello@syncshot.io from the address on file and we will respond within 30 days.

You can unsubscribe from product-update emails at any time using the link in the footer of every such email.

SyncShot is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

Your data may be processed in countries outside your own — Paddle operates from the United Kingdom and the European Union, Resend and PostHog from the United States, and our hosting provider may operate elsewhere. These transfers rely on Standard Contractual Clauses or equivalent safeguards where required.

We protect personal data with encryption in transit (TLS), access controls on our backend, and minimal retention. No system is perfectly secure, and you are responsible for keeping your sign-in email and Mac secure.

We may update this policy as SyncShot evolves or the law changes. The effective date at the top of this page marks the latest revision. For material changes, we will notify registered users by email at least 14 days before the changes take effect.